What  CIRCIA Means  for  Critical  Infrastructure  Providers  and

            How Breach and Attack Simulation Can Help



            By Guy Bejerano, CEO, SafeBreach


            On July 3rd the period for public comment closed for the U.S. Cybersecurity  and Infrastructure Security
            Agency’s  proposed  Cyber  Incident  Reporting  for  Critical Infrastructure  Act  of 2022 (CIRCIA)  reporting
            rules announced  earlier  this year. CIRCIA's  enhanced  reporting  obligations  have the potential  to drive
            greater transparency, accountability and, ultimately, much-needed improvements in cyber readiness and
            resilience across all U.S. critical infrastructure sectors.

            Below, I’ll discuss what CIRCIA means to organizations covered by these rules, the reason for its focus
            on critical infrastructure, and how organizations  can prepare to meet its reporting requirements.  I’ll also
            explore how breach and attack simulation (BAS) programs can help organizations  not only comply with
            the rules, but also prepare for future threats and regulations with new simulation, incident response, and
            reporting capabilities.











            Cyber Defense eMagazine – August 2024 Edition                                                                                                                                                                                                          27
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.